<?php
/*
 *   This file is part of poat.
 *
 *   poat is free software: you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
 *   the Free Software Foundation, either version 3 of the License, or
 *   (at your option) any later version.
 *
 *   poat is distributed in the hope that it will be useful,
 *   but WITHOUT ANY WARRANTY; without even the implied warranty of
 *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *   GNU General Public License for more details.
 *
 *   You should have received a copy of the GNU General Public License
 *   along with poat.  If not, see <http://www.gnu.org/licenses/>.
 * 
 *   Copyright (c) 2008 Sergio Gabriel Teves <gabriel.sgt at gmail.com>
 * 
 */

require_once(ROOT_PATH."class/user.class.php");

if ($param['op'] == 'submit') {
		
		$tm->assign('userid',$param['userid']);
		
		$us = new user();
		$us->userid=$param['userid'];
		$ret = $loader->get($us);
	
		$ok = true;
		$novalidate=false;
		
		if ($ret) {
			
			if (isset($param['passcode'])) {
				$tm->assign('passcode',$param['passcode']);
				if (!$ret or $us->passcode != $param['rc'] or util::isExpire($us->passexpire,RECOVERY_EXPIRE)) {
					$error = $LANG['codeexpire'];
					$ok=false;
				} else {
					$novalidate=true;
				}
			}
		
			if ($ok) {
				if (isEmpty($param['password'])
					or
					isEmpty($param['repassword'])
					or
					(isEmpty($param['cupassword']) && !$novalidate)) {
					$error = $LANG['regmissing'];
					$content = $tm->fetch('chpwd.tpl');	
				} elseif ($param['password']!=$param['repassword']) {
					$error = $LANG['passnotmatch'];
					$content = $tm->fetch('chpwd.tpl');
				} elseif (strlen($param['password'])<MIN_PASSWORD_LEN) {
					$error = $LANG['passtooshort'];
					$content = $tm->fetch('chpwd.tpl');
				} else {
					if (!$novalidate) {
						$ret = $us->validate($param['cupassword']);	
					} else {
						$ret = true;
					}
					if ($ret) {
						$us->passcode=null;
						$us->passexpire=null;
						$us->password=$param['password'];
						$loader->update($us);
						$message=$LANG['passchok'];
						$content = createMessage($homelink,array($LANG['home']));
					} else {
						$error = $LANG['incorrectpass'];
						$content = $tm->fetch('chpwd.tpl');
					}
				}
	
			}
		}
} elseif (isset($param['rc'])) {
		$us = new user();
		$us->userid = $param['u'];
		$ret = $loader->get($us);
		
		if (!$ret or $us->passcode != $param['rc'] or util::isExpire($us->passexpire,RECOVERY_EXPIRE)) {
			$error = $LANG['codeexpire'];
			$content = createMessage($homelink,array($LANG['home']));		} else {
			$tm->assign('userid',$param['u']);
			$tm->assign('passcode',$param['rc']);
			$content = $tm->fetch('chpwd.tpl');
		}
} else {
		$tm->assign('userid',$CURRENT_USER->userid);
		$content = $tm->fetch('chpwd.tpl');	
}


?>
